Update Rust crate dir-diff to 0.3.3 #93
Security Report
The Security Check found 28 vulnerabilities.
CVE | Severity | CVSS Score | Exploit Maturity | EPSS | Vulnerable Library | Suggested Fix | Issue |
---|---|---|---|---|---|---|---|
CVE-2023-45853. Path to dependency file: /Cargo.toml; Path to vulnerable library: /Cargo.toml; Dependency Hierarchy: git2-0.16.1.crate (Root Library) -> libgit2-sys-0.14.2+1.5.1.crate -> libssh2-sys-0.2.23.crate -> ❌ libz-sys-1.1.8.crate (Vulnerable Library) | Critical | 9.8 | Not Defined | 0.1% | libz-sys-1.1.8.crate | Upgrade to version: v1.3.1 | None |
CVE-2022-37434. Path to dependency file: /Cargo.toml; Path to vulnerable library: /Cargo.toml; Dependency Hierarchy: git2-0.16.1.crate (Root Library) -> ❌ libgit2-sys-0.14.2+1.5.1.crate (Vulnerable Library) | Critical | 9.8 | Not Defined | 0.3% | libgit2-sys-0.14.2+1.5.1.crate | Upgrade to version: v1.2.13 | None |
CVE-2022-37434. Path to dependency file: /Cargo.toml; Path to vulnerable library: /Cargo.toml; Dependency Hierarchy: git2-0.16.1.crate (Root Library) -> libgit2-sys-0.14.2+1.5.1.crate -> libssh2-sys-0.2.23.crate -> ❌ libz-sys-1.1.8.crate (Vulnerable Library) | Critical | 9.8 | Not Defined | 0.3% | libz-sys-1.1.8.crate | Upgrade to version: v1.2.13 | None |
CVE-2020-25573. Path to dependency file: /Cargo.toml; Path to vulnerable library: /Cargo.toml; Dependency Hierarchy: riker-0.4.2.crate (Root Library) -> config-0.10.1.crate -> serde-hjson-0.9.1.crate -> ❌ linked-hash-map-0.3.0.crate (Vulnerable Library) | Critical | 9.8 | Not Defined | 0.4% | linked-hash-map-0.3.0.crate | Upgrade to version: linked-hash-map - 0.5.3 | None |
WS-2023-0045. Path to dependency file: /Cargo.toml; Path to vulnerable library: /Cargo.toml; Dependency Hierarchy: tempfile-3.3.0.crate (Root Library) -> ❌ remove_dir_all-0.5.3.crate (Vulnerable Library) | Critical | 9.1 | Not Defined | | remove_dir_all-0.5.3.crate | Upgrade to version: remove_dir_all - 0.8.0 | None |
CVE-2024-24577. Path to dependency file: /Cargo.toml; Path to vulnerable library: /Cargo.toml; Dependency Hierarchy: git2-0.16.1.crate (Root Library) -> ❌ libgit2-sys-0.14.2+1.5.1.crate (Vulnerable Library) | High | 8.6 | Not Defined | 0.2% | libgit2-sys-0.14.2+1.5.1.crate | Upgrade to version: v1.6.5,v1.7.2 | None |
CVE-2023-4807. Path to dependency file: /Cargo.toml; Path to vulnerable library: /Cargo.toml; Dependency Hierarchy: git2-0.16.1.crate (Root Library) -> libgit2-sys-0.14.2+1.5.1.crate -> libssh2-sys-0.2.23.crate -> openssl-sys-0.9.80.crate -> ❌ openssl-src-111.24.0+1.1.1s.crate (Vulnerable Library) | High | 7.8 | Not Defined | 0.0% | openssl-src-111.24.0+1.1.1s.crate | Upgrade to version: openssl-3.0.11,openssl-3.1.3,OpenSSL_1_1_1w, cryptography - 41.0.4 | None |
WS-2023-0083. Path to dependency file: /Cargo.toml; Path to vulnerable library: /Cargo.toml; Dependency Hierarchy: git2-0.16.1.crate (Root Library) -> libgit2-sys-0.14.2+1.5.1.crate -> libssh2-sys-0.2.23.crate -> ❌ openssl-sys-0.9.80.crate (Vulnerable Library) | High | 7.5 | Not Defined | | openssl-sys-0.9.80.crate | Upgrade to version: openssl - 0.10.48 | None |
WS-2023-0082. Path to dependency file: /Cargo.toml; Path to vulnerable library: /Cargo.toml; Dependency Hierarchy: git2-0.16.1.crate (Root Library) -> libgit2-sys-0.14.2+1.5.1.crate -> libssh2-sys-0.2.23.crate -> ❌ openssl-sys-0.9.80.crate (Vulnerable Library) | High | 7.5 | Not Defined | | openssl-sys-0.9.80.crate | Upgrade to version: openssl - 0.10.48 | None |
WS-2023-0081. Path to dependency file: /Cargo.toml; Path to vulnerable library: /Cargo.toml; Dependency Hierarchy: git2-0.16.1.crate (Root Library) -> libgit2-sys-0.14.2+1.5.1.crate -> libssh2-sys-0.2.23.crate -> ❌ openssl-sys-0.9.80.crate (Vulnerable Library) | High | 7.5 | Not Defined | | openssl-sys-0.9.80.crate | Upgrade to version: openssl - 0.10.48 | None |
WS-2022-0013. Path to dependency file: /Cargo.toml; Path to vulnerable library: /Cargo.toml; Dependency Hierarchy: riker-0.4.2.crate (Root Library) -> ❌ dashmap-3.11.10.crate (Vulnerable Library) | High | 7.5 | Not Defined | | dashmap-3.11.10.crate | Upgrade to version: dashmap - 5.1.0 | None |
CVE-2024-27308. Path to dependency file: /Cargo.toml; Path to vulnerable library: /Cargo.toml; Dependency Hierarchy: actix-web-4.3.0.crate (Root Library) -> actix-codec-0.5.0.crate -> tokio-1.24.2.crate -> ❌ mio-0.8.5.crate (Vulnerable Library) | High | 7.5 | Not Defined | 0.0% | mio-0.8.5.crate | Upgrade to version: mio - 0.8.11 | None |
CVE-2023-26964. Path to dependency file: /Cargo.toml; Path to vulnerable library: /Cargo.toml; Dependency Hierarchy: actix-web-4.3.0.crate (Root Library) -> actix-http-3.3.0.crate -> ❌ h2-0.3.15.crate (Vulnerable Library) | High | 7.5 | Not Defined | 0.1% | h2-0.3.15.crate | Upgrade to version: h2 - 0.3.17 | None |
CVE-2023-0464. Path to dependency file: /Cargo.toml; Path to vulnerable library: /Cargo.toml; Dependency Hierarchy: git2-0.16.1.crate (Root Library) -> libgit2-sys-0.14.2+1.5.1.crate -> libssh2-sys-0.2.23.crate -> openssl-sys-0.9.80.crate -> ❌ openssl-src-111.24.0+1.1.1s.crate (Vulnerable Library) | High | 7.5 | Not Defined | 0.4% | openssl-src-111.24.0+1.1.1s.crate | Upgrade to version: OpenSSL_1_1_1u,openssl-3.0.9,openssl-3.1.1 | None |
CVE-2023-0215. Path to dependency file: /Cargo.toml; Path to vulnerable library: /Cargo.toml; Dependency Hierarchy: git2-0.16.1.crate (Root Library) -> libgit2-sys-0.14.2+1.5.1.crate -> libssh2-sys-0.2.23.crate -> openssl-sys-0.9.80.crate -> ❌ openssl-src-111.24.0+1.1.1s.crate (Vulnerable Library) | High | 7.5 | Not Defined | 0.6% | openssl-src-111.24.0+1.1.1s.crate | Upgrade to version: openssl-src - 111.25,300.0.12 | None |
CVE-2022-4450. Path to dependency file: /Cargo.toml; Path to vulnerable library: /Cargo.toml; Dependency Hierarchy: git2-0.16.1.crate (Root Library) -> libgit2-sys-0.14.2+1.5.1.crate -> libssh2-sys-0.2.23.crate -> openssl-sys-0.9.80.crate -> ❌ openssl-src-111.24.0+1.1.1s.crate (Vulnerable Library) | High | 7.5 | Not Defined | 0.2% | openssl-src-111.24.0+1.1.1s.crate | Upgrade to version: OpenSSL_1_1_1t,openssl-3.0.8 | None |
CVE-2018-25032. Path to dependency file: /Cargo.toml; Path to vulnerable library: /Cargo.toml; Dependency Hierarchy: git2-0.16.1.crate (Root Library) -> libgit2-sys-0.14.2+1.5.1.crate -> libssh2-sys-0.2.23.crate -> ❌ libz-sys-1.1.8.crate (Vulnerable Library) | High | 7.5 | Not Defined | 0.3% | libz-sys-1.1.8.crate | Upgrade to version: v1.2.12 | None |
CVE-2023-0286. Path to dependency file: /Cargo.toml; Path to vulnerable library: /Cargo.toml; Dependency Hierarchy: git2-0.16.1.crate (Root Library) -> libgit2-sys-0.14.2+1.5.1.crate -> libssh2-sys-0.2.23.crate -> openssl-sys-0.9.80.crate -> ❌ openssl-src-111.24.0+1.1.1s.crate (Vulnerable Library) | High | 7.4 | Not Defined | 0.4% | openssl-src-111.24.0+1.1.1s.crate | Upgrade to version: openssl-3.0.8;cryptography - 39.0.1;openssl-src - 111.25.0+1.1.1t,300.0.12+3.0.8 | None |
WS-2020-0368. Path to dependency file: /Cargo.toml; Path to vulnerable library: /Cargo.toml; Dependency Hierarchy: git2-0.16.1.crate (Root Library) -> libgit2-sys-0.14.2+1.5.1.crate -> libssh2-sys-0.2.23.crate -> ❌ libz-sys-1.1.8.crate (Vulnerable Library) | Medium | 6.5 | Not Defined | | libz-sys-1.1.8.crate | Upgrade to version: cmake-native - 3.15.5;binutils-cross-testsuite - 2.35;libstd-rs - 1.57.0;gdb - 11.1,9.2;tcl - 8.6.11;sudo - 1.8.32;binutils - 2.35,2.28;ccache - 3.3.3,4.1;libgit2 - 1.3.0;cmake - 3.19.5,3.7.0,3.7.2,3.22.0,3.17.3;cmake-native - 3.17.3,3.7.0,3.22.0,3.18.4;ghostscript - 9.55.0 | None |
CVE-2023-2650. Path to dependency file: /Cargo.toml; Path to vulnerable library: /Cargo.toml; Dependency Hierarchy: git2-0.16.1.crate (Root Library) -> libgit2-sys-0.14.2+1.5.1.crate -> libssh2-sys-0.2.23.crate -> openssl-sys-0.9.80.crate -> ❌ openssl-src-111.24.0+1.1.1s.crate (Vulnerable Library) | Medium | 6.5 | Not Defined | 0.3% | openssl-src-111.24.0+1.1.1s.crate | Upgrade to version: OpenSSL_1_1_1u,openssl-3.0.9,openssl-3.1.1, cryptography - 41.0.0 | None |
CVE-2023-48795. Path to dependency file: /Cargo.toml; Path to vulnerable library: /Cargo.toml; Dependency Hierarchy: git2-0.16.1.crate (Root Library) -> libgit2-sys-0.14.2+1.5.1.crate -> ❌ libssh2-sys-0.2.23.crate (Vulnerable Library) | Medium | 5.9 | Not Defined | 96.5% | libssh2-sys-0.2.23.crate | Upgrade to version: putty - 0.80, openssh - V_9_6_P1, golang/crypto - v0.17.0, asyncssh - 2.14.2, libssh-0.9.8, libssh-0.10.6, teraterm - v5.1, paramiko - 3.4.0, russh - 0.40.2, com.github.mwiede:jsch:0.2.15, proftpd - v1.3.8b, thrussh - 0.35.1, teraterm - v5.1, org.connectbot:sshlib:2.2.22, mscdex/ssh2 - 1.15.0, jtesta/ssh-audit - v3.1.0, Oryx-Embedded/CycloneSSH - v2.3.4, opnsense/src - 23.7, winscp - 6.2.2, PowerShell/openssh-portable - v9.5.0.0 | None |
CVE-2022-4304. Path to dependency file: /Cargo.toml; Path to vulnerable library: /Cargo.toml; Dependency Hierarchy: git2-0.16.1.crate (Root Library) -> libgit2-sys-0.14.2+1.5.1.crate -> libssh2-sys-0.2.23.crate -> openssl-sys-0.9.80.crate -> ❌ openssl-src-111.24.0+1.1.1s.crate (Vulnerable Library) | Medium | 5.9 | Not Defined | 0.2% | openssl-src-111.24.0+1.1.1s.crate | Upgrade to version: OpenSSL_1_1_1t,openssl-3.0.8 | None |
CVE-2024-0727. Path to dependency file: /Cargo.toml; Path to vulnerable library: /Cargo.toml; Dependency Hierarchy: git2-0.16.1.crate (Root Library) -> libgit2-sys-0.14.2+1.5.1.crate -> libssh2-sys-0.2.23.crate -> openssl-sys-0.9.80.crate -> ❌ openssl-src-111.24.0+1.1.1s.crate (Vulnerable Library) | Medium | 5.5 | Not Defined | 0.2% | openssl-src-111.24.0+1.1.1s.crate | Upgrade to version: OpenSSL_1_1_1x,OpenSSL_1_0_2zj,openssl-3.0.13,openssl-3.1.5,openssl-3.2.1 | None |
WS-2023-0223. Path to dependency file: /Cargo.toml; Path to vulnerable library: /Cargo.toml; Dependency Hierarchy: stderrlog-0.5.4.crate (Root Library) -> ❌ atty-0.2.14.crate (Vulnerable Library) | Medium | 5.3 | Not Defined | | atty-0.2.14.crate | | None |
CVE-2023-5678. Path to dependency file: /Cargo.toml; Path to vulnerable library: /Cargo.toml; Dependency Hierarchy: git2-0.16.1.crate (Root Library) -> libgit2-sys-0.14.2+1.5.1.crate -> libssh2-sys-0.2.23.crate -> openssl-sys-0.9.80.crate -> ❌ openssl-src-111.24.0+1.1.1s.crate (Vulnerable Library) | Medium | 5.3 | Not Defined | 0.1% | openssl-src-111.24.0+1.1.1s.crate | Upgrade to version: OpenSSL_1_1_1x,openssl-3.0.13,openssl-3.1.5 | None |
CVE-2023-3817. Path to dependency file: /Cargo.toml; Path to vulnerable library: /Cargo.toml; Dependency Hierarchy: git2-0.16.1.crate (Root Library) -> libgit2-sys-0.14.2+1.5.1.crate -> libssh2-sys-0.2.23.crate -> openssl-sys-0.9.80.crate -> ❌ openssl-src-111.24.0+1.1.1s.crate (Vulnerable Library) | Medium | 5.3 | Not Defined | 0.1% | openssl-src-111.24.0+1.1.1s.crate | Upgrade to version: openssl-3.0.10,openssl-3.1.2 | None |
CVE-2023-0465. Path to dependency file: /Cargo.toml; Path to vulnerable library: /Cargo.toml; Dependency Hierarchy: git2-0.16.1.crate (Root Library) -> libgit2-sys-0.14.2+1.5.1.crate -> libssh2-sys-0.2.23.crate -> openssl-sys-0.9.80.crate -> ❌ openssl-src-111.24.0+1.1.1s.crate (Vulnerable Library) | Medium | 5.3 | Not Defined | 0.2% | openssl-src-111.24.0+1.1.1s.crate | Upgrade to version: OpenSSL_1_1_1u,openssl-3.0.9,openssl-3.1.1 | None |
CVE-2022-4203. Path to dependency file: /Cargo.toml; Path to vulnerable library: /Cargo.toml; Dependency Hierarchy: git2-0.16.1.crate (Root Library) -> libgit2-sys-0.14.2+1.5.1.crate -> libssh2-sys-0.2.23.crate -> openssl-sys-0.9.80.crate -> ❌ openssl-src-111.24.0+1.1.1s.crate (Vulnerable Library) | Medium | 4.9 | Not Defined | 0.1% | openssl-src-111.24.0+1.1.1s.crate | Upgrade to version: openssl-3.0.8 | None |
Total libraries scanned: 285
Scan token: 734a1f2b77d6419ebff705fa1a849bbb